示例#1
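        /// <summary>
        /// Screens an HTTP GET request that carries no body: validates the caller's IP
        /// address, applies the block-list and request-frequency limits stored for it,
        /// and filters the URL.
        /// </summary>
        /// <param name="Header">Parsed request header; HostIp and URL are read here.</param>
        /// <returns>
        /// An <c>AnalyzeResult</c> whose ResultReport is "请求过滤成功" on success or a
        /// human-readable rejection reason otherwise. RequestContents is always empty.
        /// </returns>
        private AnalyzeResult AnalyzeHttpHeader(HeaderStruct Header)
        {
            AnalyzeResult  GetMethodResult = new AnalyzeResult();
            LimitList      LimitJudge      = new LimitList();
            FrequenceLimit FrequenceJudge  = new FrequenceLimit();

            GetMethodResult.RequestHeader   = Header;
            GetMethodResult.RequestContents = string.Empty;

            // Validate the address before it is handed to any limit lookup, so a malformed
            // value never reaches the storage-backed helpers.
            // NOTE(review): where HostIp comes from is not visible here; confirm it is the
            // connection's peer address and not a client-controlled header, otherwise the
            // per-IP limits below key on a value the client chooses.
            IPAddress CheckIPAddress = null;
            if (!IPAddress.TryParse(Header.HostIp, out CheckIPAddress))
            {
                GetMethodResult.ResultReport = "请求报文的IP地址不合法!";
                return GetMethodResult;
            }

            // A false return from IsLimitVisitor is reported as "host is block-listed".
            if (!LimitJudge.IsLimitVisitor(Header.HostIp))
            {
                GetMethodResult.ResultReport = "该主机已被设置为黑名单,无法访问";
                return GetMethodResult;
            }

            // Read the configured rate once: the decision and the value passed to the
            // frequency check then come from the same lookup.
            var VisitorTotalRate = LimitJudge.GetLimitVisitorTotalRate(Header.HostIp);
            if (VisitorTotalRate > 0)
            {
                if (!FrequenceJudge.IsOverTimesNum(VisitorTotalRate, Header.HostIp))
                {
                    GetMethodResult.ResultReport = "请求过于频繁,系统自动判定为异常请求!请稍后再试!";
                    return GetMethodResult;
                }
            }
            else if (VisitorTotalRate == 0)
            {
                // Zero is reported as a database error; a negative rate skips the
                // frequency check entirely.
                GetMethodResult.ResultReport = "数据库出错";
                return GetMethodResult;
            }

            HttpRequestFilter Filter = new HttpRequestFilter();

            // URLFilter signals failure in-band by returning the marker string compared
            // below, so a URL that is literally equal to the marker is also rejected.
            Header.URL = Filter.URLFilter(Header.URL);
            if (Header.URL == "URL字符过滤异常")
            {
                GetMethodResult.ResultReport = Header.URL;
                return GetMethodResult;
            }

            // Store the header again now that the URL is filtered. If HeaderStruct is a
            // value type (TODO confirm), the copy stored at the top of the method still
            // holds the unfiltered URL.
            GetMethodResult.RequestHeader = Header;
            GetMethodResult.ResultReport  = "请求过滤成功";
            return GetMethodResult;
        }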
示例#2
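        /// <summary>
        /// Writes the firewall settings for one visitor IP to the database: the flow limit,
        /// the visit-frequency limit and the list flag.
        /// </summary>
        /// <param name="SetLimitRequest">
        /// Requested settings. Flow_TotalRate and Visitor_TotalRate are numeric strings;
        /// null means "leave this limit unchanged".
        /// </param>
        /// <returns>"设置成功" on success, otherwise a message naming the step that failed.</returns>
        /// <remarks>
        /// All inputs are validated before anything is written, so a bad value no longer
        /// leaves an earlier setting half-applied. The writes themselves are still
        /// independent: a failure in a later write does not undo an earlier one.
        /// NOTE(review): no authorization check is visible in this method; confirm the
        /// caller restricts it to administrators, since it changes the filtering policy.
        /// </remarks>
        private string CompleteSetting(SetWafManager SetLimitRequest)
        {
            LimitList LimitSetting = new LimitList();
            string    HostIp       = SetLimitRequest.Visitor_IP;
            Boolean   Visit_Limit  = SetLimitRequest.Visit_Limit;

            if (string.IsNullOrEmpty(HostIp))
            {
                return "IP地址不能为空";
            }

            // Only store rules for a value that parses as an IP address. Anything else
            // would reach the storage layer unchecked and create a rule keyed on text
            // that is not an address.
            System.Net.IPAddress ParsedIp;
            if (!System.Net.IPAddress.TryParse(HostIp, out ParsedIp))
            {
                return "IP地址不合法";
            }

            // TryParse instead of Parse: non-numeric or out-of-range text is reported with
            // the step's own error message instead of escaping as an exception.
            int Flow_TotalRate = 0;
            if (SetLimitRequest.Flow_TotalRate != null &&
                !int.TryParse(SetLimitRequest.Flow_TotalRate, out Flow_TotalRate))
            {
                return "流量设置出错";
            }
            if (Flow_TotalRate < 0)
            {
                return "流量设置出错";
            }

            int Visitor_TotalRate = 0;
            if (SetLimitRequest.Visitor_TotalRate != null &&
                !int.TryParse(SetLimitRequest.Visitor_TotalRate, out Visitor_TotalRate))
            {
                return "访问频率设置出错";
            }
            if (Visitor_TotalRate < 0)
            {
                return "访问频率设置出错";
            }

            // A rate of zero means "not supplied": the stored limit is left as it is.
            if (Flow_TotalRate > 0 && !LimitSetting.SetFlowTotalRate(HostIp, Flow_TotalRate))
            {
                return "流量设置出错";
            }

            if (Visitor_TotalRate > 0 && !LimitSetting.SetVisitorTotalRate(HostIp, Visitor_TotalRate))
            {
                return "访问频率设置出错";
            }

            // The list flag is written on every call, so a request that only means to
            // change a rate also overwrites the flag with whatever Visit_Limit carries.
            if (!LimitSetting.SetLimitVisitor(HostIp, Visit_Limit))
            {
                return "名单限制设置失败";
            }

            return "设置成功";
        }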
示例#3
        /// <summary>
        /// Fetches the stored history of firewall settings from the database.
        /// </summary>
        /// <returns>Whatever <c>LimitList.GetLimitDataList()</c> returns, unchanged.</returns>
        private string[] GetLimitList()
        {
            // Thin pass-through: a fresh LimitList is created for each call.
            string[] LimitRecords = new LimitList().GetLimitDataList();

            return LimitRecords;
        }
示例#4
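        /// <summary>
        /// Screens an HTTP POST request: validates the caller's IP address, applies the
        /// block-list, request-frequency and flow limits stored for it, bounds the body
        /// size, then runs the body and the URL through the request filters.
        /// </summary>
        /// <param name="Request">The incoming request; ContentLength and InputStream are read.</param>
        /// <param name="Header">Parsed request header; HostIp, TotalBytes and URL are read.</param>
        /// <returns>
        /// An <c>AnalyzeResult</c> whose ResultReport is "请求过滤成功" on success, with the
        /// filtered header and body attached, or a rejection reason otherwise. On rejection
        /// RequestHeader and RequestContents are not set.
        /// </returns>
        /// <remarks>
        /// The content filters work by rewriting or rejecting input. They are a first
        /// screen, not a replacement for parameterized queries and output encoding in the
        /// code that later consumes RequestContents.
        /// </remarks>
        private AnalyzeResult AnalyzeHttpRequest(HttpRequestBase Request, HeaderStruct Header)
        {
            AnalyzeResult  PostAnalyzeResult = new AnalyzeResult();
            LimitList      LimitJudge        = new LimitList();
            FrequenceLimit FrequenceJudge    = new FrequenceLimit();
            FlowLimit      FlowJudge         = new FlowLimit();

            // Validate the address before it is handed to any limit lookup, so a malformed
            // value never reaches the storage-backed helpers.
            // NOTE(review): where HostIp comes from is not visible here; confirm it is the
            // connection's peer address and not a client-controlled header, otherwise the
            // per-IP limits below key on a value the client chooses.
            IPAddress CheckIPAddress = null;
            if (!IPAddress.TryParse(Header.HostIp, out CheckIPAddress))
            {
                PostAnalyzeResult.ResultReport = "请求报文的IP地址不合法!";
                return PostAnalyzeResult;
            }

            // A false return from IsLimitVisitor is reported as "host is block-listed".
            if (!LimitJudge.IsLimitVisitor(Header.HostIp))
            {
                PostAnalyzeResult.ResultReport = "该主机已被设置为黑名单,无法访问";
                return PostAnalyzeResult;
            }

            // Each configured limit is read once, so the decision and the value passed to
            // the check come from the same lookup.
            var VisitorTotalRate = LimitJudge.GetLimitVisitorTotalRate(Header.HostIp);
            if (VisitorTotalRate > 0)
            {
                if (!FrequenceJudge.IsOverTimesNum(VisitorTotalRate, Header.HostIp))
                {
                    PostAnalyzeResult.ResultReport = "请求过于频繁,系统自动判定为异常请求!请稍后再试!";
                    return PostAnalyzeResult;
                }
            }
            else if (VisitorTotalRate == 0)
            {
                // Zero is reported as a database error; a negative rate skips the check.
                PostAnalyzeResult.ResultReport = "数据库出错";
                return PostAnalyzeResult;
            }

            var FlowTotalRate = LimitJudge.GetLimitFlowTotalRate(Header.HostIp);
            if (FlowTotalRate > 0)
            {
                if (!FlowJudge.IsOverFlow(FlowTotalRate, Header.TotalBytes, Header.HostIp))
                {
                    PostAnalyzeResult.ResultReport = "请求信息量太大,系统自动判定为异常请求!请稍后再试!";
                    return PostAnalyzeResult;
                }
            }
            else if (FlowTotalRate == 0)
            {
                PostAnalyzeResult.ResultReport = "数据库错误";
                return PostAnalyzeResult;
            }

            // Reject bodies whose reported length exceeds Int32.MaxValue / 50 bytes.
            // NOTE(review): this bounds the reported length only; ReadToEnd below buffers
            // whatever the stream yields, so confirm the host enforces a hard request-size
            // cap as well.
            if (Request.ContentLength > (Int32.MaxValue) / 50)
            {
                PostAnalyzeResult.ResultReport = "请求内容太大,丢弃请求!";
                return PostAnalyzeResult;
            }

            // Decode the whole body as UTF-8 text. The reader is left undisposed because
            // disposing it would also close the request's input stream.
            Stream       RequestStream  = Request.InputStream;
            StreamReader MyStream       = new StreamReader(RequestStream, Encoding.UTF8);
            string       RequestContent = MyStream.ReadToEnd();

            HttpRequestFilter Filter = new HttpRequestFilter();

            // The filters signal failure in-band by returning a marker string. Check after
            // every stage and stop at the first failure: if the marker were passed on, a
            // later filter could rewrite it and the failure would be returned as filtered
            // content.
            RequestContent = Filter.HTMLFilter(RequestContent);                 // HTML tags
            if (IsFilterFailureMarker(RequestContent))
            {
                PostAnalyzeResult.ResultReport = RequestContent;
                return PostAnalyzeResult;
            }

            RequestContent = Filter.SqlFilter(RequestContent);                  // SQL keywords
            if (IsFilterFailureMarker(RequestContent))
            {
                PostAnalyzeResult.ResultReport = RequestContent;
                return PostAnalyzeResult;
            }

            RequestContent = Filter.SpecialCharFilter(RequestContent);          // special characters
            if (IsFilterFailureMarker(RequestContent))
            {
                PostAnalyzeResult.ResultReport = RequestContent;
                return PostAnalyzeResult;
            }

            RequestContent = Filter.XSSFilter(RequestContent);                  // script injection
            if (IsFilterFailureMarker(RequestContent))
            {
                PostAnalyzeResult.ResultReport = RequestContent;
                return PostAnalyzeResult;
            }

            // URLFilter uses the same in-band convention with its own marker.
            Header.URL = Filter.URLFilter(Header.URL);
            if (Header.URL == "URL字符过滤异常")
            {
                PostAnalyzeResult.ResultReport = Header.URL;
                return PostAnalyzeResult;
            }

            // The header is attached only after the URL has been filtered.
            PostAnalyzeResult.ResultReport    = "请求过滤成功";
            PostAnalyzeResult.RequestHeader   = Header;
            PostAnalyzeResult.RequestContents = RequestContent;
            return PostAnalyzeResult;
        }

        /// <summary>
        /// Tells whether <paramref name="Content"/> is exactly one of the marker strings
        /// that AnalyzeHttpRequest treats as a content-filter failure.
        /// </summary>
        private static bool IsFilterFailureMarker(string Content)
        {
            return Content == "HTML标签过滤异常" || Content == "特殊字符过滤异常" ||
                   Content == "SQL字符过滤异常" || Content == "XSS过滤异常";
        }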